- Total Prize Pool: $70,000 in USDC
- HM awards: $55,800 in USDC
- QA awards: $2,300 in USDC
- Judge awards: $6,800 in USDC
- Validator awards: $4,600 USDC
- Scout awards: $500 in USDC
- Read our guidelines for more details
- Starts November 11, 2024 20:00 UTC
- Ends November 25, 2024 20:00 UTC
Note for C4 wardens: Anything included in this Automated Findings / Publicly Known Issues
section is considered a publicly known issue and is ineligible for awards.
-
NibiruChain/nibiru#2075 - [evm] Oracle precompile UX would be improved by update time information S-triage
-
NibiruChain/nibiru#2063 - A known issue we're in the progress of implementing a solution for. This doesn't present a security issue because transaction messages that use an invalid ERC20 in their FunToken mapping will simply fail to be executed.
Nibiru Chain is a breakthrough Layer 1 blockchain and smart contract ecosystem providing superior throughput, improved security, and a high-performance EVM execution layer. Nibiru aims to be the most developer-friendly and user-friendly smart contract ecosystem, leading the charge toward mainstream Web3 adoption by innovating at each layer of the stack: dApp development, scalable blockchain data indexing, consensus optimizations, a comprehensive developer toolkit, and composability across multiple VMs.
- Previous audits: We did a C4 Zenith audit right before this competitive audit, though it doesn't have a report I can link yet. A much earlier version of the chain was also audited by Zellic prior to Nibiru's inclusion of the EVM (https://reports.zellic.io/publications/nibiru).
- Documentation:
- Docs | Nibiru Chain: Conceptual and technical documentation can be found here.
- Complete Golang reference docs: (
pkg.go.dev
) For the blockchain implementation . - Nibiru Modules: Module-specific documentation
- Website: https://nibiru.fi/
- X/Twitter: https://twitter.com/NibiruChain
- Discord: https://discord.com/invite/HFvbn7Wtud
See scope.txt
File | code |
---|---|
x/evm/keeper/grpc_query.go | 565 |
x/evm/keeper/msg_server.go | 494 |
x/evm/statedb/statedb.go | 383 |
eth/rpc/backend/blocks.go | 373 |
x/evm/precompile/funtoken.go | 373 |
eth/rpc/backend/tx_info.go | 352 |
eth/rpc/rpcapi/eth_api.go | 305 |
eth/rpc/backend/call_tx.go | 258 |
x/evm/precompile/wasm.go | 243 |
eth/rpc/backend/utils.go | 230 |
eth/rpc/backend/tracing.go | 204 |
x/evm/precompile/wasm_parse.go | 198 |
x/evm/statedb/journal.go | 185 |
x/evm/statedb/state_object.go | 185 |
x/evm/keeper/erc20.go | 175 |
eth/rpc/backend/account_info.go | 170 |
x/evm/keeper/statedb.go | 152 |
x/evm/keeper/evm_state.go | 139 |
x/evm/keeper/gas_fees.go | 138 |
eth/rpc/backend/chain_info.go | 137 |
x/evm/precompile/precompile.go | 136 |
x/evm/keeper/bank_extension.go | 135 |
app/evmante/evmante_validate_basic.go | 119 |
x/evm/keeper/funtoken_from_erc20.go | 118 |
app/evmante/evmante_gas_consume.go | 109 |
x/evm/keeper/keeper.go | 102 |
x/evm/keeper/call_contract.go | 96 |
x/evm/precompile/oracle.go | 92 |
app/evmante/evmante_can_transfer.go | 74 |
x/evm/keeper/vm_config.go | 72 |
x/evm/statedb/access_list.go | 65 |
x/evm/keeper/funtoken_from_coin.go | 64 |
eth/rpc/backend/node_info.go | 60 |
x/evm/keeper/funtoken_state.go | 60 |
app/evmante/evmante_increment_sender_seq.go | 58 |
app/evmante/evmante_verify_eth_acc.go | 57 |
app/evmante/evmante_mempool_fees.go | 56 |
app/evmante/evmante_sigverify.go | 53 |
eth/rpc/backend/backend.go | 46 |
x/evm/precompile/errors.go | 45 |
app/evmante/evmante_emit_event.go | 39 |
app/evmante/evmante_setup_ctx.go | 35 |
x/evm/statedb/config.go | 27 |
x/evm/statedb/debug.go | 24 |
x/evm/keeper/precompiles.go | 22 |
app/evmante/evmante_handler.go | 21 |
x/evm/keeper/msg_update_params.go | 21 |
x/evm/statedb/interfaces.go | 19 |
x/evm/keeper/hooks.go | 17 |
app/evmante/interfaces.go | 9 |
SUM: | 7110 |
Main Scope |
---|
x/evm/keeper |
x/evm/precompile |
x/evm/statedb |
app/evmante |
eth/rpcapi/eth_api.go |
eth/rpc/backend |
*Ignore .pb.go protobuf files
Important Tests |
---|
evm-e2e |
x/evm/evmtest |
See the files in out_of_scope.txt
Question | Answer |
---|---|
ERC20 used by the protocol | Any (all possible ERC20s) |
ERC721 used by the protocol | N/A |
ERC777 used by the protocol | N/A |
ERC1155 used by the protocol | N/A |
Chains the protocol will be deployed on | Nibiru |
Question | Answer |
---|---|
Missing return values | In scope |
Fee on transfer | In scope |
Balance changes outside of transfers | In scope |
Upgradeability | In scope |
Flash minting | In scope |
Pausability | In scope |
Approval race protections | In scope |
Revert on approval to zero address | Out of scope |
Revert on zero value approvals | Out of scope |
Revert on zero value transfers | Out of scope |
Revert on transfer to the zero address | Out of scope |
Revert on large approvals and/or transfers | In scope |
Doesn't revert on failure | In scope |
Multiple token addresses | Out of scope |
Low decimals ( < 6) | In scope |
High decimals ( > 18) | In scope |
Blocklists | Out of scope |
Question | Answer |
---|---|
Enabling/disabling fees (e.g. Blur disables/enables fees) | No |
Pausability (e.g. Uniswap pool gets paused) | No |
Upgradeability (e.g. Uniswap gets upgraded) | Yes |
Question | Answer |
---|---|
x/evm/embeds/contracts/ERC20Minter.sol | Must be a valid, ownable ERC20. We're importing from OpenZeppelin and don't expect there to be issues based on the test suite. |
Contracts registered with a FunToken mapping to a Bank Coin on Nibiru | Must be valid ERC20s |
-
NIBI is "ether" on the network, and microNIBI (written "unibi") is the smallest unit of NIBI. The following invariant holds true: 1 NIBI == 10^{18} wei == 10^{6} unibi. Note that this implies we cannot transfer values smaller than 10^{12} wei.
-
All of the standard invariants of the EVM StateDB should work exactly as they do on Ethereum mainnet.
-
Account state is not held by a particular VM, since an address is actually just a byte array. Thus, all accounts have both a nibi-prefixed Bech32 address and Ethereum hexadecimal address, each derived from the same bytes.
-
Any bank coin on Nibiru can be used to create a canonical ERC20 representation, for which the EVM itself (the module account) will be the owner.
-
Similar to (3), any ERC20 on Nibiru can be used to create a canonical bank coin representation. The owner of the ERC20 is unbounded, while only the EVM Module account can mint the bank coin representation produced.
- When users of Nibiru interact over external clients like ethers.js and wagmi, is the behavior familiar like what developers would expect on the Ethereum L1 or networks like BSC, Base, or Arbitrum?
- Does the Ethereum JSON-RPC interface for Nibiru operate as expected in terms of transaction receipts, contract deployment and interactions, and how error messages are displayed?
Nibiru EVM has a few cases of special permissions: the EVM Module, the proof of stake governance authority, and the owner of an ERC20 as it pertains to the FunToken mapping mechanism:
Role | Description |
---|---|
EVM Module | - In the content of the FunToken mapping mechanism, the EVM itself is a Module Account with the sole authority to call burnFromAuthority from the evm/embeds/contracts/ERC20Minter.sol contracts that get deployed to represent Bank Coins as ERC20s.- When a bank coin is created via “createFunTokenFromERC20”, the EVM Module is the only authority able to mint that coin. |
Governance Authority | A governance proposal can be submitted to update the EVM module parameters, such as the “CreateFunTokenFee”. |
Wasm Precompile | When interacting with the Wasm VM from inside the EVM, the sender of the Wasm transaction message must be the sender of the EVM transaction message (the transaction signer). This allows us to cleanly compose the two VMs without complicating security checks. |
N/A
To run the local network, please install the Nibiru CLI:
git clone --recurse https://github.com/code-423n4/2024-11-nibiru.git
cd 2024-11-nibiru
cargo install just
just # see all commands
just install
just build
just localnet # Run a local network
cd evm-e2e
cp .env_sample .env
just install
just test # Runs the EVM end to end tests suite with ethers.js
Employees of Nibiru and employees' family members are ineligible to participate in this audit.
Code4rena's rules cannot be overridden by the contents of this README. In case of doubt, please check with C4 staff.